U.S. drug inspections in China: Staying ahead of FDA enforcement trends
美国对华药品检查：值得重视的 FDA 最新执法趋势
China’s pharmaceutical manufacturing industry is amongst the largest, and, from a supply-chain perspective, one of the most important, in the world. One consequence of China’s growing role in the global pharmaceutical supply chain is increased oversight from global regulatory authorities, such as the U.S. Food and Drug Administration (FDA), through increased inspections and surveillance efforts. As Chinese pharmaceutical companies continue to invest in and expand finished product and biotechnology manufacturing, China’s pharmaceutical manufacturing industry and role in the global supply chain will continue to grow.
As you are likely aware, FDA’s Beijing office has allowed FDA to significantly increase the number of Chinese drug manufacturers it inspects each year. For example, in 2007, FDA conducted approximately 14 inspections of drug manufacturing facilities in China. Ten years later, in 2017, that number has jumped to approximately 156 inspections of drug manufacturing facilities in China. FDA’s Beijing office has also allowed FDA to conduct unannounced inspections in China, which in the past was uncommon. Moreover, mutual recognition of inspectional findings between FDA and European authorities has allowed FDA to focus additional resources on inspections in China1. In addition to conducting more inspections, FDA is becoming more sophisticated in its inspectional strategies, as well as utilizing FDA investigators that have Chinese language skills.
FDA’s increased focus on Chinese drug manufacturers has led to numerous compliance issues and enforcement actions, including Import Alerts and Warning Letters. A critical element of maintaining acceptable cGMP status is staying apprised of critical FDA compliance and enforcement initiatives. In this regard, and in follow-up to our seminar focusing on FDA compliance issues critical to Chinese drug manufacturers, we wanted to bring to your attention some important recent developments.
FDA’s Has Issued Its Final Data Integrity Guidance, with Some Notable Differences from the Initial Draft Guidance
On December 12, 2018, FDA published the Final Data Integrity Guidance2, which updates the Draft Data Integrity Guidance3 from April 2016. Although the Final Guidance largely aligns with the Draft Guidance, there are some notable differences. In particular:
- An expansive interpretation of FDA’s inspectional authority under 21 USC § 374 and lack of clarity on how it applies to foreign establishments. In Footnote 14 in the Final Guidance, FDA indicates that pursuant to 21 USC § 374(a), FDA may inspect “records not intended to satisfy a CGMP requirement but which nonetheless contain CGMP information.” FDA also states on page 12 of the Final Guidance that “an email to authorize batch release is a CGMP record that FDA may review” pursuant to its 21 USC § 374(a) inspectional authority. This interpretation of 21 USC § 374 is noteworthy because it could be read to go beyond what FDA generally has authority to inspect, for example, email containing personnel information that could cover a broad range of information. Under 21 USC § 374, FDA only has the statutory authority to inspect personnel records that go to the qualification of technical and professional personnel. Similarly, FDA’s authority to inspect records does not extend to financial data, sales data (other than shipment data), pricing data, and research data (other than data relating to 21 USC § 355(i) (investigational new drug), § 355(k) (postmarket studies), or § 355(j) (abbreviated new drug applications)). It also raises the question as to how FDA would go about locating emails containing CGMP information (that are not technically CGMP records) without reviewing significant amounts of email records that very well could be outside the scope of 21 USC § 374.
Additionally, while relying on 21 USC § 374, the Final Guidance does not differentiate between foreign and domestic inspections with regard to this potentially expansive interpretation and how it will be applied outside the United States. This is noteworthy because much of FDA’s data integrity enforcement has focused on manufacturing sites outside the United States and FDA has itself recognized that its access to foreign establishments, such as manufacturing sites in China, and the records therein does not come from FDA’s inspection authority under 21 USC § 374.4 This is why, for example, FDA investigators do not issue a Form FDA 482, Notice of Inspection, when conducting a foreign inspection in China. For an inspection under 21 USC § 374, FDA investigators are required to issue a Form FDA 482 to each firm inspected.5 But FDA investigators are instructed not to issue a Form FDA 482 during foreign inspections, as 21 USC § 374 does not apply during foreign inspections.6 FDA’s ability to conduct foreign inspections has historically derived from the fact that if an inspection or a request to review records is refused, FDA can take measures to deny access to the United States market (via import refusal and withholding of application approvals).
- Increased emphasis on the critical role of senior management in creating a quality culture that identifies and addresses data integrity risks. For example, the preamble to the Final Guidance states that “[m]anagement’s involvement in and influence on” strategies to identify and address data integrity risk is “essential in preventing and correcting conditions that can lead to data integrity problems.” The Final Guidance also states that “[i]t is the role of management with executive responsibility to create a quality culture where employees understand that data integrity is an organizational core value and employees are encouraged to identify and promptly report data integrity issues. In the absence of management support of a quality culture, quality systems can break down and lead to CGMP noncompliance.” This could signal an increased willingness on the part of FDA to hold senior management, including corporate management, responsible for data integrity issues identified at manufacturing sites.
- Clarifying that invalidated data must be evaluated by the quality unit pursuant to release. While the Draft Guidance was silent on the issue of whether legitimately invalidated data should be included within the scope of the quality unit’s batch record review pursuant to release, the Final Guidance expressly addresses this point: “Even if test results are legitimately invalidated on the basis of a scientifically sound investigation, the full CGMP batch record provided to the quality unit would include the original (invalidated) data, along with the investigation report that justifies invalidating the result.” This difference is consistent with how we have seen FDA enforce the Draft Guidance in the field with respect to invalidated data.
- More stringent requirements regarding access controls. Whereas the Draft Guidance recognized that some manufacturers may be too small to support independent security role assignments—e.g., for system administrators—the Final Guidance does not include this provision. The Final Guidance simply states that the “system administrator role, including any rights to alter files and settings, should be assigned to personnel independent from those responsible for the record content.” The Final Guidance further states that manufacturers should “establish and implement a method for documenting authorized personnel’s access privileges for each CGMP computer system in use (e.g., by maintaining a list of authorized individuals).” Regarding shared accounts, the Final Guidance states that even read-only shared accounts are not permissible.
- Enhanced requirements relating to audit trail review. Whereas the Draft Guidance recommended that “audit trails that capture changes to critical data be reviewed with each record and before final approval of the record,” (emphasis added) the Final Guidance states that “[i]f the review frequency for the data is specified in CGMP regulations, adhere to that frequency for the audit trail review.” The Final Guidance further clarifies that audit trails should be reviewed “after each significant step in the manufacture, processing, packing, or holding” of a drug, and before batch release. This difference between the Draft Guidance and Final Guidance is potentially significant in that it could increase the amount of data reviewed during manufacturing and batch release. The Final Guidance does not clarify the scope of audit trail review—i.e., what time points should be included within the scope of the quality unit’s review, particularly at batch release.
Overall, the Final Guidance shows that data integrity remains a top enforcement priority for FDA, and FDA will expect any Chinese manufacturing sites making drug products for the United States market to be in compliance with the expectations detailed in the Final Guidance moving forward.
U.S. Government Officials’ Recent Statements on FDA and DOJ Enforcement Priorities
In speeches and panel discussion at the recent Food and Drug Law Institute (FDLI) Enforcement, Litigation and Compliance Conference, FDA Commissioner Scott Gottlieb, M.D., and other senior leaders from FDA and the U.S. Department of Justice (DOJ) highlighted key drug enforcement issues and announced tougher compliance and enforcement policies for drug manufacturers and other stakeholders. Their statements offer insights into the areas where FDA and DOJ will be focusing in 2019 and beyond. These statements include:
FDA Commissioner Scott Gottlieb, M.D.
- Import Program. Dr. Gottlieb explained the goals of new laws (effective October 2018) which granted FDA authority to “efficiently detain, refuse and destroy unlabeled imports that are found to contain active ingredients or analogs of active ingredients that are in FDA-approved drugs." FDA no longer has to make a determination that an incoming unlabeled article may be a drug before taking action against it. As a consequence, FDA plans to increase the number of incoming packages it inspects to remove more potentially dangerous drug products from the supply chain more easily.
The close partnership between FDA and U.S. Customs and Border Protection (CBP) was strengthened with increased funding of $94 million (US) aimed at increasing the number of full-time FDA inspectors at the international mail facilities (IMFs) and personnel at FDA’s criminal office and laboratories. FDA is also investing in scientific tools to enhance detection and identification of dangerous and counterfeit drugs that are being for offered for import into the United States. CBP’s efforts have allowed FDA to initiate more than 550 criminal port-of-entry investigations in 2017 and 2018.
- Data Integrity. Data integrity will continue to be a big focus for FDA. Dr. Gottlieb stated that data integrity is a common theme of public health risks observed during site inspections. “[O]ne thing we’ve uncovered too often is situations in which drug quality data and information aren’t accurate ... These risks can make problems and failures with product quality and safety.” FDA has focused on increasing resources and improved capabilities to identify data manipulation or security concerns, including training FDA staff on identifying data integrity issues.
- Cooperative Agreements. FDA has made “critical improvement to our inspection program is our increased ability to leverage the high-quality work of trusted foreign regulators.” FDA and the European Union’s (EU) Mutual Reliance Agreement that allows sharing of inspectional information. In addition, FDA and foreign authorities are participating in the International Active Pharmaceutical Ingredient Inspection Program to establish a framework to share cGMP inspectional information of API manufacturing sites. Dr. Gottlieb further stated that “[r]ecently, this framework has allowed for information sharing regarding planned inspections of valsartan API facilities.”
- Compounding. Dr. Gottlieb stated that FDA’s compounding enforcement operations is a key priority. This includes FDA guidance, rigorous inspections, and swift action when investigators observe conditions that risk patient health and safety. “We still see a lot of concerning activity in this [compounding] space ... We are committing to put new resources behind these efforts. We’ll use all our enforcement tools to protect patients; and we have a number of civil and criminal investigations underway in this area.” In 2018, FDA and DOJ entered multiple consent decrees enjoining drug compounders which violated the law and placed patients at risk. FDA’s increased focus on compounding enforcement may increase scrutiny of the product and manufacturing quality of bulk Active Pharmaceutical Ingredient (API) imported from Chinse and other foreign manufacturing sites for compounding.
- Dietary Supplements. FDA has increased regulatory oversight and enforcement on dietary supplements. A Dietary Supplement Working Group within FDA has been formed to looks for new authorities to address risk associated with dangerous and illegal ingredients, failure to comply with cGMP, and unproven claims. FDA announced that it is implementing new policies to improve regulatory oversight of dietary supplement manufacturers.
- Drug Supply Chain Security Act. FDA is continuing to work towards fully implementing the Drug Supply Chain Security Act in 2023, with a particular focus on track-and-trace requirements which FDA believes is critical given the rise of “sophisticated criminal organizations that intend to profit from the introduction of counterfeit or otherwise illegal drugs into the U.S.”
FDA Chief Counsel Stacy Cline Amin
- In September 2018, Stacy Cline Amin became FDA’s new Chief Counsel. The Office of the Chief Counsel (OCC) is responsible for, among other things, implementing FDA policies and handling civil and criminal enforcement cases. Her experience includes leading the U.S. Senate’s investigation into a 2012 fungal meningitis outbreak resulted from drugs compounded in insanitary conditions. “One issue that’s been especially concerning to FDA is that we continue to identify insanitary conditions during many inspections of compounders. These conditions present a serious public health risk. “[I]t’s crucial that the FDA work in collaboration with [DOJ] to act quickly to protect patients,” she said of compounders that have already been warned to correct violations of law.
Deputy Assistant Attorney General James Burnham
- James Burnham, Deputy Assistant Attorney General for DOJ’s Consumer Protection Branch, is responsible for investigating and litigating civil and criminal violations of the Federal Food, Drug, and Cosmetic Act (FDCA). Burnham reiterated FDA and DOJ’s partnership to increase focus on enforcement against compounding pharmacies. “[DOJ] will take aggressive action against compounders who we believe post a danger to the public – no matter how small the compounder – and I assure you that enforcement will be swift and it will be fierce against any compounder who actually does harm members of the public through poor manufacturing practices or safety lapses.” In addition to compounding pharmacies, Burnham made clear that DOJ is working closing with FDA to ensure that all drug manufacturing sites comply with cGMP requirements.
FDA’s is Classifying Inspections and Deciding Whether Enforcement Action Is Needed at a Much Faster Pace Under FDA’s recently established Concept of Operations (COO), FDA is now reviewing cGMP evidence gathered during inspections on an accelerated timeline and is making determinations with respect to whether regulatory or enforcement action is necessary at a much faster pace. In particular, under the COO, FDA is now required to make an initial determination as to the acceptability of a facility within 45 days after the close of the inspection, and FDA is then required to make a final determination within 90 days after the close of the inspection. If a drug manufacturing facility is found to be unacceptable at this point, FDA may take swift action against the company. The speed at which FDA is now making decisions on inspections means that a company’s initial response to a Form FDA 483 (483)7 is critical, and following a difficult FDA inspection significant resources must be devoted to preparing and submitting a strong 483 response within 15-business days from the close of the inspection. For example, a drug manufacturing facility in China hoping to avoid being put on Import Alert/Import Ban by FDA following a difficult inspection will need to convince FDA that the corrective and preventative actions it has and will implement in response to the 483 observations are effective and comprehensive enough to address FDA’s concerns. In short, a company’s initial 483 response is more important than ever, and there will only be a short window of opportunity following a company’s initial 483 response to further update FDA and demonstrate that no FDA regulatory or enforcement action is warranted.